- All Exams Instant Download
Which of the following types of social engineering attacks occurred?
An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?A . Brand impersonationB . PretextingC ....
Which of the following best describes the program the company is setting up?
A company is expanding its threat surface program and allowing individuals to security test the company’s internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?A . Open-source intelligenceB . Bug bountyC . Red teamD...
Which of the following strategies does this represent?
A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?A . AcceptB . TransferC . MitigateD . AvoidView AnswerAnswer: B Explanation: Cyber insurance is a type of insurance that covers the financial losses and liabilities that result from cyberattacks,...
Which of the following methods would allow this functionality?
A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?A . SSOB . LEAPC . MFAD...
Which of the following teams will conduct this assessment activity?
A company hired a consultant to perform an offensive security assessment covering penetration testing and social engineering. Which of the following teams will conduct this assessment activity?A . WhiteB . PurpleC . BlueD . RedView AnswerAnswer: D Explanation: A red team is a group of security professionals who perform offensive...
Which of the following types of social engineering attacks occurred?
An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?A . Brand impersonationB . PretextingC ....
Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?
A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the...
Which of the following encryption techniques should the security administrator use?
A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?A . PartitionB . AsymmetricC . Full diskD . DatabaseView AnswerAnswer: C Explanation: Full disk encryption (FDE) is a technique that encrypts all the data on a hard drive,...
50.10.25 32 port 53
50.10.25 32 port 53 D. Access list outbound permit 10.50.10.25 32 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0.0.0.0.0.0/0 port 53View AnswerAnswer: D Explanation: The correct answer is D because it allows only the device with the IP address 10.50.10.25 to send outbound DNS requests on port 53, and denies...
Which of the following is required for an organization to properly manage its restore process in the event of system failure?
Which of the following is required for an organization to properly manage its restore process in the event of system failure?A . IRPB . DRPC . RPOD . SDLCView AnswerAnswer: B Explanation: A disaster recovery plan (DRP) is a set of policies and procedures that aim to restore the normal...
